Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/tOFPHDKsPqrmNTQOzau48PbU86M.roa
File: tOFPHDKsPqrmNTQOzau48PbU86M.roa (raw, json)
Hash identifier: Nzs8tZcdCZM2zhrmBmLffyAw4AHLFR2OHnNL8Kqq+38=
Subject key identifier: B4:E1:4F:1C:32:AC:3E:AA:E6:35:34:0E:CD:AB:B8:F0:F6:D4:F3:A3
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 018E5D46CFB93968D47099F499752D736E60
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/tOFPHDKsPqrmNTQOzau48PbU86M.roa
Signing time: Wed 20 Mar 2024 19:11:45 +0000
ROA not before: Wed 20 Mar 2024 19:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15755
IP address blocks: 185.35.21.0/24 maxlen: 24
185.96.168.0/24 maxlen: 24
185.96.171.0/24 maxlen: 24
185.203.32.0/24 maxlen: 24
185.203.34.0/24 maxlen: 24
2a00:7300::/32 maxlen: 32
2a00:7300::/48 maxlen: 48
2a0a:e0c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5d:46:cf:b9:39:68:d4:70:99:f4:99:75:2d:73:6e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Mar 20 19:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4e14f1c32ac3eaae635340ecdabb8f0f6d4f3a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7a:c1:7d:65:f7:62:d9:a3:7d:d6:4f:a4:e6:
b4:8c:06:d3:a7:4e:e3:41:d8:65:f9:5f:b8:dc:e4:
fc:ec:9d:a4:94:ad:5b:95:20:56:d1:99:dc:a7:e8:
13:ae:ca:bf:71:02:61:11:69:e6:31:f3:12:b1:54:
12:56:55:d3:99:f2:8d:05:f4:6b:f9:0f:59:3e:6f:
4f:71:24:94:b0:36:2a:6b:4f:fe:4c:db:04:cd:bd:
24:35:40:6d:f5:6a:0a:db:06:8c:37:1f:dc:04:87:
85:5e:f3:37:46:ca:50:8a:57:9c:8b:45:2a:28:a3:
8b:0d:13:17:d9:d6:25:e6:01:bb:f1:4e:5d:72:46:
f2:10:3c:66:ce:e9:64:e0:f4:ff:fb:4b:80:e3:ea:
3d:ec:08:e4:ce:6f:8e:d1:3c:8a:21:06:de:38:32:
37:0e:18:d7:32:0f:a4:36:35:eb:bf:6b:c0:1b:29:
47:dc:04:5f:e5:4b:99:b0:bf:f2:b1:8a:81:e5:3d:
f5:c1:f6:92:b2:3a:89:e4:03:6e:b8:3e:8f:93:8d:
79:31:ee:9b:3b:3c:9a:3e:82:6d:a2:5a:7b:61:fb:
1d:0b:8f:f7:e4:80:31:65:c1:8b:59:12:82:d8:b3:
ac:82:6f:c6:91:50:10:ec:51:d2:b8:d6:74:1c:05:
fe:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E1:4F:1C:32:AC:3E:AA:E6:35:34:0E:CD:AB:B8:F0:F6:D4:F3:A3
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/tOFPHDKsPqrmNTQOzau48PbU86M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.21.0/24
185.96.168.0/24
185.96.171.0/24
185.203.32.0/24
185.203.34.0/24
IPv6:
2a00:7300::/32
2a0a:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:db:56:82:be:ea:8a:0c:11:cb:b9:c7:5a:cc:b6:e1:bf:81:
da:17:e4:ef:53:8e:56:96:d1:b1:1b:93:30:ef:62:94:e1:08:
66:92:99:17:ab:dc:61:ff:c9:72:7c:4e:a4:57:18:a8:fb:af:
7b:7f:54:97:8a:f8:14:17:c7:34:cc:7a:3f:d5:b3:48:3d:a3:
3f:74:43:27:ef:9d:aa:f4:65:4c:58:4d:44:13:ff:24:e5:f9:
b2:d1:7e:12:39:5e:32:27:2b:50:b7:59:7d:2a:11:5b:a8:cd:
eb:67:2b:0f:c5:ac:dc:90:f5:c7:2f:ce:a0:9a:4c:f1:48:41:
c9:e2:8b:98:c0:5c:1e:f9:c8:71:27:53:8c:0b:2f:92:9a:c8:
10:99:a7:4b:a9:e9:2f:b8:5c:00:f4:e8:12:7a:c3:83:d9:83:
88:97:02:6d:dc:43:14:88:5a:7e:ae:a2:4c:e9:0d:3d:e1:e1:
8c:d8:27:d6:b9:a9:37:36:df:bc:17:69:b1:21:8b:de:d9:85:
47:5c:1a:e2:14:3b:b1:0e:bf:eb:af:d5:bc:49:08:27:1f:64:
ac:c5:8f:e3:e8:91:42:33:a8:dd:56:05:79:36:4c:a0:fe:72:
02:ed:f1:ca:a1:0f:5c:7b:52:c6:93:16:b9:03:99:ea:ba:34:
0c:31:e4:cb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY5dRs+5OWjUcJn0mXUtc25gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjQwMzIwMTkxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGUxNGYxYzMyYWMzZWFhZTYzNTM0MGVjZGFiYjhmMGY2ZDRmM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3rBfWX3YtmjfdZPpOa0jAbTp07j
Qdhl+V+43OT87J2klK1blSBW0Zncp+gTrsq/cQJhEWnmMfMSsVQSVlXTmfKNBfRr
+Q9ZPm9PcSSUsDYqa0/+TNsEzb0kNUBt9WoK2waMNx/cBIeFXvM3RspQileci0Uq
KKOLDRMX2dYl5gG78U5dckbyEDxmzulk4PT/+0uA4+o97Ajkzm+O0TyKIQbeODI3
DhjXMg+kNjXrv2vAGylH3ARf5UuZsL/ysYqB5T31wfaSsjqJ5ANuuD6Pk415Me6b
OzyaPoJtolp7YfsdC4/35IAxZcGLWRKC2LOsgm/GkVAQ7FHSuNZ0HAX+TwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFLThTxwyrD6q5jU0Ds2ruPD21POjMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvdE9GUEhES3NQcXJtTlRRT3phdTQ4UGJVODZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQAuSMVAwQA
uWCoAwQAuWCrAwQAucsgAwQAucsiMBQEAgACMA4DBQAqAHMAAwUDKgrgwDANBgkq
hkiG9w0BAQsFAAOCAQEALdtWgr7qigwRy7nHWsy24b+B2hfk71OOVpbRsRuTMO9i
lOEIZpKZF6vcYf/JcnxOpFcYqPuve39Ul4r4FBfHNMx6P9WzSD2jP3RDJ++dqvRl
TFhNRBP/JOX5stF+EjleMicrULdZfSoRW6jN62crD8Ws3JD1xy/OoJpM8UhByeKL
mMBcHvnIcSdTjAsvkprIEJmnS6npL7hcAPToEnrDg9mDiJcCbdxDFIhafq6iTOkN
PeHhjNgn1rmpNzbfvBdpsSGL3tmFR1wa4hQ7sQ6/66/VvEkIJx9krMWP4+iRQjOo
3VYFeTZMoP5yAu3xyqEPXHtSxpMWuQOZ6ro0DDHkyw==
-----END CERTIFICATE-----
Generated at Sat Jul 27 04:41:16 2024 by rpki-client on console.sobornost.net